NetScanTools Pro

We all like tools (sometimes read “toys”). Especially nifty ones. One of the tools I’ve used for years is NetScanTools Pro from NorthWest Performance Software. Kirk Thomas is the founder of the company and you can find him on twitter as @NetScanTools. I’ve talked to him many times on Twitter and he is extremely helpful and very open to input from his customers.

NetScanTools Pro

I was first introduced to NetScanTools Pro by Laura Chappell of Chappell University, where she teaches about protocol analysis and Wireshark. It’s something of a network discovery tool and then some. It has a collection of active and passive discovery tools, various DNS tools, and some packet level tools. The value in most of this is that all the tools are in one place and it has automation to grab lots of information very quickly, though there are a few unique tools. The only downside to this tool is that it’s only on Windows.

Discovery Tools

You can find out a lot about a network by digging through it’s DNS entries, scanning hosts, doing whois lookups, etc. That generally takes time. NST can really speed this up with several automated reports. In just a few minutes it can give you a report for a domain that includes whois records, DNS details, MX records, blacklists, traceroute with geolocation, port scans, and more.

NetScanTools Scanning

NetScanTools running a scan. You can see most of the options here.

This can save a lot of time in discovering information about a network. You don’t have to do everything as an automated scan. You can also run the tools individually.

There are also a number of tools that give you information about the computer and local network that NST is running upon. If it has something to do with the network, NST has a tool to tell you about it.

Testing Tools

NST also includes what I would call testing tools. SMTP testing, which is nice because you can set just about any set of options. You can test authentication, specific encryption settings, whether messages relay, and much more. It’s all the power of directly connecting to port 25 with telnet, but with checkboxes. You can perform SNMP walks and scans, including SNMPv3 support. A TCP terminal, which essentially allows you to telnet to any port, but with the added ability to choose the source port, is also included. Also, a TimeSync tool which is useful for checking NTP servers. How about this set of options for the enhanced ping tool:

More ping options than you know what to do with.

More ping options than you know what to do with.

Packet Tools

There are nice little collection of packet tools that let you generate arbitrary packets, send Wake on LAN packets, capture packets, and playback a capture. The capture app isn’t Wireshark, but it’s convenient and you can always save the capture and open it in Wireshark.

The options for the NetScanTools Pro packet generator

The options for the NetScanTools Pro packet generator

SSL Certificate Scanner

I like this one. Give it a list or range of IPs, and it’ll tell you about the SSL certs. This could be useful to scan a network and check for soon to be expired certificates, for example.

Yep, my SSL cert is still valid

Yep, my SSL cert is still valid

Graphical Traceroute

If you like mtr, you should also like the new Graphical Traceroute tool. Since a picture is worth 1000 words and since it is Graphical Traceroute, I think the best way to describe this tool is with a screenshot.

The new Graphical Traceroute tool is nifty.

The new Graphical Traceroute tool is nifty.

Closing Thoughts

I’ve had this toolset for years. It’s not one I use ever day, but it’s nice to have when I need it. It just has so many tools bundled into one place and most of them support IPv6. It has a free 30 day demo, so give it a shot and explore this toolset.

Disclosure

I use this software and have paid for this software, however, I did receive a nice discount on my last maintenance renewal when I planned to write a blog post about the software.

FIN